"""
@release: fsray-api-alpha
@file: access.py
@author: lingdubing
@desc: 操作权限行为的接口层
@character: utf-8
"""


from models.models import Access
from fastapi import  APIRouter, Depends
from service.AccessService import AccessService
from service.RoleAccessService import RoleAccessService
from schemas.response import *
from core.Auth import verify_token, check_permission
from config import settings

router = APIRouter()

@router.get('/load_access', summary="动态加载权限菜单", response_model=ReturnDataModel)
async def load_access(user_info: tuple = Depends(verify_token)):
    """
    动态加载菜单权限
    :param role_id:
    :return:
    """
    role_id = user_info[1]
    role_access_link = RoleAccessService()
    access = AccessService()
    menu_access_list = []
    access_list = role_access_link.get_access_by_role(role_id)
    for var in access_list:
        access_info = access.get_access_by_id(var.access_id)
        if access_info.is_menu:
            access_dict = {
                'access_id': access_info.access_id,
                'access_name': access_info.access_name,
                'access_url': access_info.access_url,
            }
            menu_access_list.append(access_dict)

    role_access_link.close()
    access.close()
    return ReturnDataModel(success=True, message="加载菜单成功", code=STATUS_CODE["success"],
                               total=len(menu_access_list), data=menu_access_list)

@router.get('/verify_menu_permission', summary="验证菜单权限", response_model=ReturnNoneDataModel)
async def verify_menu_permission(path: str, user_info: tuple = Depends(verify_token)):
    """
    验证菜单权限
    :param path:
    :param role_id:
    :return:
    """
    role_id = user_info[1]
    role_access_link = RoleAccessService()
    access = AccessService()

    access_list = role_access_link.get_access_by_role(role_id)
    access_scopes_list = []
    for var in access_list:
        access_info = access.get_access_by_id_menu(var.access_id)
        if access_info is not None:
            access_scopes_list.append(access_info.access_url)
    access.close()
    role_access_link.close()

    if path not in access_scopes_list:
        return ReturnNoneDataModel(code=STATUS_CODE["unauthorized"], message="无权限访问", success=False)
    else:
        return ReturnNoneDataModel(code=STATUS_CODE["success"], message="允许访问", success=True)

@router.get('/update_role_access', summary="更新角色权限", response_model=ReturnNoneDataModel, dependencies=[Depends(check_permission)])
async def update_role_access(role_id: str, access_id: str ,user_info: tuple = Depends(check_permission)):
    access_service = AccessService()
    role_access_service = RoleAccessService()

    user_id = user_info[0]
    access_list = access_service.get_parent_access(access_id)
    role_access_service.create_role_access(role_id=role_id, access_id=access_id, user_id=user_id)

    for access in access_list:
        role_access_service.create_role_access(role_id=role_id, access_id=access.access_id, user_id=user_id)
    return ReturnNoneDataModel(success=True, message="更新角色权限成功", code=STATUS_CODE["success"])
















